490b85e6329f890f9c8a16bbf021384d8d8175a369c871cc28ad631f48d60ecb

Sharing

Copy URL Twitter E-mail

General

Target

490b85e6329f890f9c8a16bbf021384d8d8175a369c871cc28ad631f48d60ecb
Size

128KB
MD5

f8b34aed106608951129a23176ff5414
SHA1

9f99d3b004b4fbef90f95d72e2a90e375d99d578
SHA256

490b85e6329f890f9c8a16bbf021384d8d8175a369c871cc28ad631f48d60ecb
SHA512

a12c15a75892672a260d15680b82e731620870848b5f5013b0bcf1f051155d16274b1e1052b8563470e8b23c61121a779ab972ddb5013eec51adafc6a2347958
SSDEEP

3072:zl+mGMwfN8q8oslFZiQ8aa7H4I/KCqR79XOg4R58:ZR0qxoslFoQ8p7H4I/GR79XOgY8

Score

N/A

Malware Config

Signatures

Files

490b85e6329f890f9c8a16bbf021384d8d8175a369c871cc28ad631f48d60ecb
.dll windows x86

9adbe1a5b7cd841ed1cd95e024fcb4b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
IsValidLocale
GetSystemTimeAdjustment
FindAtomA
GetProcAddress
GetConsoleWindow
GetSystemTime
FreeResource
LoadLibraryA
SetConsoleNumberOfCommandsA
WaitForSingleObject
ReadConsoleOutputAttribute
FreeLibrary
EnumResourceNamesW
GetLocalTime
GetConsoleCommandHistoryLengthA
GetHandleInformation
GetModuleHandleA
GetVersion

advapi32

BuildTrusteeWithSidA
LogonUserA

winmm

joyGetPosEx
timeKillEvent
waveInGetNumDevs
mmioRenameA
mmioClose
waveOutGetErrorTextW
wid32Message
waveInGetDevCapsA
midiOutGetVolume
midiInStart
timeGetTime
waveOutRestart
midiOutClose
mmioAdvance
mciDriverYield
tid32Message
mmsystemGetVersion
mciSendStringW
CloseDriver
mmDrvInstall
mmioDescend
mmioCreateChunk
DefDriverProc
PlaySoundA
mciGetDeviceIDW
waveOutUnprepareHeader
auxSetVolume
mciSendStringA
mixerGetDevCapsW

msvcrt

_mbslwr
_mbsset
_mbsncmp
_mbsnbcpy
isprint
_wexeclpe
_searchenv
_CIpow
_umask
_amsg_exit
_fpclass
_mbsncpy
fwprintf
isspace
memset
fprintf
_beginthreadex
_get_osfhandle
_vsnprintf
_ismbcl1
_spawnle
__p__wcmdln
atof
_wtempnam
fmod
_mbsnbcat
isupper
fopen
acos
_finite
_wsetlocale
fputc
fputs
_unlink
strcpy
fwrite
_ismbbalnum
_CIacos
_mbsnicmp
_wspawnlpe
sqrt
__threadhandle
_adj_fdiv_m64
fread
_spawnve
fclose
__lc_codepage
_mbstrlen
feof
fsetpos
_rotr
__unDNameEx
ferror
div
_wexecle
atan2
_ismbslead
wcscspn
_atoldbl
__CxxLongjmpUnwind
_stat
printf
_spawnl
_setmode
atoi
srand
ftell
_tempnam
_statusfp
vfwprintf
_findnext
_ctype
sprintf
fseek

Exports

Exports

Brbe
Ccefdke
Pxckmzaab
Stjdji
Xhtkj

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9adbe1a5b7cd841ed1cd95e024fcb4b4

Headers

File Characteristics

Imports

kernel32

advapi32

winmm

msvcrt

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 52KB - Virtual size: 49KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 52KB - Virtual size: 49KB

.reloc
Size: 8KB - Virtual size: 6KB